package com.linux.huhx.business.action;

import com.linux.huhx.base.BaseController;
import com.linux.huhx.business.service.PasswordService;
import com.linux.huhx.constants.Constants;
import com.linux.huhx.constants.ConstantsMsg;
import com.linux.huhx.utils.EncryptUtils;
import com.linux.huhx.utils.SendMailUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestMapping;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.sql.Timestamp;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;

/**
 * 找回密码的实现类
 * 
 * @author huhx
 * @date: 2016年12月19日 下午6:30:41
 */
public class GetPasswordAction extends BaseController{
	private static Logger logger = LoggerFactory.getLogger(GetPasswordAction.class);

	private PasswordService passwordService;

	public void setPasswordService(PasswordService passwordService) {
		this.passwordService = passwordService;
	}

	// 组装邮箱的发送内容
	private String getSendMailContent(HttpServletRequest request) {
		String secretKey = UUID.randomUUID().toString(); // 密钥
		Timestamp outDate = new Timestamp(System.currentTimeMillis() + 2 * 60 * 1000);// 2分钟后过期
		long date = outDate.getTime() / 1000 * 1000;// 忽略毫秒数 mySql 取出时间是忽略毫秒数的
		String key = request.getAttribute("Username").toString() + "$" + date + "$" + secretKey;
		String username = (String) request.getAttribute("Username");
		String email = (String) request.getAttribute("Email");
		String digitalSignature = EncryptUtils.md5Encrypt(key);// 数字签名
		// 将签名数据存放在session当中
		HttpSession session = request.getSession();
		session.setAttribute("signature", digitalSignature);
		session.setAttribute("username", username);
		session.setAttribute("email", email);
		logger.info("signature: " + digitalSignature);
		String path = request.getContextPath();
		String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + path + "/";
		String resetPassHref = basePath + "passwordAction/checkLink.action?Sid=" + digitalSignature + "&Username=" + username;
		String emailContent = "请勿回复本邮件.点击下面的链接,重设密码<br/><a href=" + resetPassHref + " target='_BLANK'>" + resetPassHref
				+ "</a>  或者    <a href=" + resetPassHref + " target='_BLANK'>点击我重新设置密码</a>"
				+ "<br/>tips:本邮件超过30分钟,链接将会失效，需要重新申请'找回密码'" + key + "\t" + digitalSignature;
		return emailContent;
	}

	// 检查用户点击的url
	@Override
	protected Map handleInner(HttpServletRequest request, HttpServletResponse response) throws Exception {
		// 得到请求的名字和sid值
		String urlUsername = request.getParameter("Username");
		String urlSid = request.getParameter("Sid");
		// 校验名字和Sid不能为空
		if (StringUtils.isEmpty(urlUsername) || StringUtils.isEmpty(urlSid)) {
			return null;
		}
		HttpSession session = request.getSession();
		String username = (String) session.getAttribute("username");
		String sid = (String) session.getAttribute("signature");
		String email = (String) session.getAttribute("email");
		// 校验名字和sid的匹配
		if (!urlUsername.equals(username) || !urlSid.equals(sid)) {
			return null;
		}
		// 如果上述两个通过，那么成功
		Map<String, String> map = new HashMap<>();
		map.put("email", email);
		map.put("username", username);
		return map;
	}
}
